My view is that you're better off adding this logic into your DNS server and using ECMP before adding yet another application into the stream of DNS packets.<p>If you want your individual servers to coordinate their attack profile, you can do that either in-band, or out-of-band.<p>We've never seen any benefit to anything besides affinity-based (src/dst/etc.) ECMP.